best ddos attack method

Background:1.CSRF knowledgeCSRF (Cross-site request forgery cross-site solicitation forgery, also known as "one click Attack" or session riding, usually abbreviated as CSRF or XSRF, is a malicious use of the site. Although it sounds like a cross-site script (XSS), it is very different from XSS and is almost at odds with the way it is attacked. XSS leverages trusted users within the site, while CSRF leverages trusted sites by disguising requests from t

to know the user's password to gain access. Third: Restrict permissions for the database account used to execute the query. Perform query, insert, UPDATE, delete operations with different user accounts. By isolating the operations that can be performed by different accounts, it prevents the original use of the Select command from being used to execute the INSERT, UPDATE, or delete commands. ⑵ uses stored procedures to execute all queries. The way SQL parameters are passed will prevent attacke

This example describes the thinkphp2.x approach to preventing XSS cross-site attacks. Share to everyone for your reference. Specifically as follows: have been using thinkphp2.x, through the dark clouds have to submit a thinkphp XSS attack bug, take a moment to look at. The principle is to pass the URL to the script tag, thinkphp error page directly output script. Principle: Http://ask.lenovo.com.cn/index.php?s=1%3Cbody+onload=alert (1)%3e Where t